Xataface Forums

I don't want the users to change their profile by them self in Webauction.
When users are logged in, the link to control panel shows up under the "logout" prompt.
Are there any easy way to hide these functions?

The best way to handle this is with permissions. If you only remove the link then they may still be able to modify their profile by typing in the URL directly.

You can customize permissions in the tables/users/users.php file. You'll notice a getPermissions() method that looks something like:

Code: Select all

function getPermissions(&$record){

        if ( isAdmin() or ( $record and ($record->strval('username') == getUsername()))) {
            $perms = Dataface_PermissionsTool::ALL();
        } else {
            $perms = Dataface_PermissionsTool::READ_ONLY();
        }
        $perms['new'] = 1;
        return $perms;
    }


Change it to:

Code: Select all

function getPermissions(&$record){
    /*
        $app =& Dataface_Application::getInstance();
        $del =& $app->getDelegate();
        $perms =& $del->getPermissions($record);
    */
        //if ( $record ) echo "Yes"; else echo "No";
        //if ( $record and $record->val('username') ) echo "We have a username";
        if ( isAdmin()) {
            $perms = Dataface_PermissionsTool::ALL();
        } else {
            $perms = Dataface_PermissionsTool::READ_ONLY();
        }
        $perms['new'] = 1;
        return $perms;
    }